Automatic clustering of attacks in intrusion detection systems

Mohammad Shojafar, Rahim Taheri, Zahra Pooranian, Reza Javidan, Ali Miri, Yaser Jararweh

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

Abstract

Intrusion Detection Systems (IDSs) can identify malicious activities and anomalies in networks and provide robust protection for these systems. Clustering of attacks plays an important role in defining IDS defense policies. A key challenge in clustering has been finding the optimal value for the number of clusters. In this paper, we propose an automatic clustering algorithm as part of an IDS architecture. This algorithm is based on concepts of coherence and separation. Our automatic clustering algorithms find clusters with the most similarity between the proposed cluster elements and the least similarity with other clusters. The proposed clustering is further optimized by considering two types of objective index functions, and Artificial Bee Colony (ABC), Particle Swarm Optimization (PSO), and Differential Evolution (DE) methods. Comparison of the results obtained with other work in the literature shows improvements in terms of a low average number of function evaluations, high accuracy, and low computation cost.

Original language: English
Title of host publication: 16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019
Publisher: Institute of Electrical and Electronics Engineers Inc.
Number of pages: 8
ISBN (Electronic): 9781728150529
ISBN (Print): 9781728150536
Publication status: Published - 1 Nov 2019
Event: 16th ACS/IEEE International Conference on Computer Systems and Applications - Abu Dhabi, United Arab Emirates
Duration: 3 Nov 2019 to 7 Nov 2019

Publication series

Name: Proceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA
Publisher: IEEE
ISSN (Print): 2161-5322
ISSN (Electronic): 2161-5330

Conference

Conference: 16th ACS/IEEE International Conference on Computer Systems and Applications
Abbreviated title: AICCSA 2019
Country/Territory: United Arab Emirates
City: Abu Dhabi
Period: 3/11/19 to 7/11/19

Keywords

  • Automatic Clustering
  • Intrusion Detection Systems (IDSs)
  • NSL-KDD
  • Optimization Methods
